AHC
Company Details
Linkedin ID:
aurora-health-care
Website:
Employees number:
13,385
Number of followers:
68,318
NAICS:
62
Industry Type:
Homepage:
aah.org
IP Addresses:
39
Company ID:
AUR_1042304
Scan Status:
Completed
Aurora Health Care Company CyberSecurity Posture
aah.org
Aurora Health Care is proud to be a part of Advocate Health, the third-largest nonprofit integrated health system in the U.S. Advocate Health is the third-largest nonprofit, integrated health system in the United States, created from the combination of Advocate Aurora Health and Atrium Health. Providing care under the names Advocate Health Care in Illinois; Atrium Health in the Carolinas, Georgia and Alabama; and Aurora Health Care in Wisconsin, Advocate Health is a national leader in clinical innovation, health outcomes, consumer experience and value-based care. Headquartered in Charlotte, North Carolina, Advocate Health services nearly 6 million patients and is engaged in hundreds of clinical trials and research studies, with Wake Forest University School of Medicine serving as the academic core of the enterprise. It is nationally recognized for its expertise in cardiology, neurosciences, oncology, pediatrics and rehabilitation, as well as organ transplants, burn treatments and specialized musculoskeletal programs. Advocate Health employs nearly 150,000 team members across 68 hospitals and over 1,000 care locations, and offers one of the nation’s largest graduate medical education programs with over 2,000 residents and fellows across more than 200 programs. Committed to providing equitable care for all, Advocate Health provides nearly $5 billion in annual community benefits. Learn more: advocatehealth.org Read our social media community engagement guidelines: aah.org/social
Aurora Health Care A.I CyberSecurity Scoring
AHC Risk Score (AI oriented)Between 750 and 799
AHC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
AHC Global Score (TPRM)XXXX
AHC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
AHC Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Aurora Health Care
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Hackers had stolen personal information from patients at Aurora Medical Center Bay Area. An email phishing scam around January 1 was used to gain access to the email accounts of several of hospital's employee. The hackers didn’t get into the hospital's electronic health records system, but they had access to patient’s personal and health information through employee emails. Information included a patient’s first and last name, maiden name ,marital status,date of birth,street address ,Email address and phone number ,dates of admission,discharge, or treatment ,social security number,medical record number,health insurance account number,medical device number,drivers license number,passport number,bank account numbers,full face photograph.
AHC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for AHC
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Aurora Health Care in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Aurora Health Care in 2025.
Incident Types AHC vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Aurora Health Care in 2025.
Incident History — AHC (X = Date, Y = Severity)
AHC cyber incidents detection timeline including parent company and subsidiaries
AHC Company Subsidiaries
Aurora Health Care is proud to be a part of Advocate Health, the third-largest nonprofit integrated health system in the U.S. Advocate Health is the third-largest nonprofit, integrated health system in the United States, created from the combination of Advocate Aurora Health and Atrium Health. Providing care under the names Advocate Health Care in Illinois; Atrium Health in the Carolinas, Georgia and Alabama; and Aurora Health Care in Wisconsin, Advocate Health is a national leader in clinical innovation, health outcomes, consumer experience and value-based care. Headquartered in Charlotte, North Carolina, Advocate Health services nearly 6 million patients and is engaged in hundreds of clinical trials and research studies, with Wake Forest University School of Medicine serving as the academic core of the enterprise. It is nationally recognized for its expertise in cardiology, neurosciences, oncology, pediatrics and rehabilitation, as well as organ transplants, burn treatments and specialized musculoskeletal programs. Advocate Health employs nearly 150,000 team members across 68 hospitals and over 1,000 care locations, and offers one of the nation’s largest graduate medical education programs with over 2,000 residents and fellows across more than 200 programs. Committed to providing equitable care for all, Advocate Health provides nearly $5 billion in annual community benefits. Learn more: advocatehealth.org Read our social media community engagement guidelines: aah.org/social
Loading...
AHC Similar Companies
Hapvida NotreDame Intermédica
Com cerca de 80 anos de experiência, a Hapvida é hoje a maior empresa de saúde integrada da América Latina. A companhia, que possui mais de 69 mil colaboradores, atende quase 16 milhões de beneficiários de saúde e odontologia espalhados pelas cinco regiões do Brasil. Todo o aparato foi construído a
Novant Health
Novant Health is an integrated network of more than 850 locations, including 19 hospitals, more than 700 physician clinics and urgent care centers, outpatient facilities, and imaging and pharmacy services. This network supports a seamless and personalized healthcare experience for communities in Nor
LUX MED
LUX MED - leader and trustworthy expert We care for the health of the patients professionally and with engagement, we have been developing our business for over 20 years. Today we are the leader and expert on the private healthcare market. We take under our care both individual patients and corpo
BayCare Health System
BayCare is a leading not-for-profit academic health care system that connects individuals and families to a wide range of services at 16 hospitals, including a children’s hospital, and hundreds of other convenient locations throughout the Tampa Bay and central Florida regions. The system is West Cen
Duke University Health System
As a world-class academic and health care system, Duke Health strives to transform medicine and health locally and globally through innovative scientific research, rapid translation of breakthrough discoveries, educating future clinical and scientific leaders, advocating and practicing evidence-base
Inova Health
Inova is Northern Virginia’s leading nonprofit healthcare provider, offering world-class clinical excellence to everyone in our communities with a warm, human touch. Our 22,000+ team members collaborate to achieve individual and group health goals in partnership with every one of the 2M+ individuals
Providence
Every day, 119,000 compassionate caregivers serve patients and communities through Providence St. Joseph Health, a national, Catholic, not-for-profit health system, driven by a belief that health is a human right. Rooted in the founding missions of the Sisters of Providence and the Sisters of St.
Cedars-Sinai
Since its beginning in 1902, Cedars-Sinai has evolved to meet the healthcare needs of one of the most diverse regions in the nation, continually setting new standards for quality and innovation in patient care, research, teaching and community service. Today, Cedars-Sinai is widely known for its na
McKesson
Welcome to the official LinkedIn page for McKesson Corporation. We're an impact-driven healthcare organization dedicated to “Advancing Health Outcomes For All.” As a global healthcare company, we touch virtually every aspect of health. Our leaders empower our people to lead with a growth mindset an
.png)
AHC CyberSecurity News
November 27, 2025 05:59 AM
A comprehensive list of 2025 tech layoffs
A complete list of all the known layoffs in tech, from Big Tech to startups, broken down by month throughout 2024 and 2025.
October 26, 2025 07:00 AM
Healthcare Data Breach Statistics
In 2023, 725 data breaches were reported to OCR and across those breaches, more than 133 million records were exposed or impermissibly disclosed.
October 07, 2025 07:00 AM
Healthcare Cybersecurity Market Size & Share, 2033
Global Healthcare Cybersecurity Market Size, Share, Trends & Growth Forecast Report By Offering (Solutions, Services), Threat Type (Malware,...
September 17, 2025 07:00 AM
Cybersecurity alerts surge after hours as threats evolve, says report
A report reveals that 51% of cybersecurity alerts now occur outside business hours, challenging organisations to strengthen defences against...
August 27, 2025 07:00 AM
Matthew Harris
Rogers Behavioral Health's President and CEO, Cindy Meyer, is pleased to welcome Matthew Harris as Chief Information Officer,...
August 22, 2025 07:00 AM
Aurora’s new CIO targets cybersecurity, AI and fibre growth
Aurora's new CIO, Ram Tyagi, tells Cities Today he is leading a five-point digital strategy on AI adoption, cybersecurity, fibre expansion,...
July 30, 2025 07:00 AM
Press Release: Congressman Jason Crow Sues Trump Administration Over Denied Access to Aurora ICE Detention Facility
Congressman Jason Crow is suing the Trump Administration for denying access to Aurora's ICE detentio.
April 29, 2025 07:00 AM
Health Insurance Provider Blue Shield of California Discloses Accidental Sharing of Customer Health Data Via Google Analytics
A major data breach at health insurance giant Blue Shield of California appears to be a case of misconfiguring advertising analytics tools.
March 24, 2025 07:00 AM
A Survey on Internet of Medical Things (IoMT): Enabling Technologies, Security and Explainability Issues, Challenges, and Future Directions
Internet of Medical Things (IoMT) paradigm refers to the process of collection, transmission and analysis of healthcare data using...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AHC CyberSecurity History Information
Official Website of Aurora Health Care
The official website of Aurora Health Care is https://careers.aah.org/.
Aurora Health Care’s AI-Generated Cybersecurity Score
According to Rankiteo, Aurora Health Care’s AI-generated cybersecurity score is 767, reflecting their Fair security posture.
How many security badges does Aurora Health Care’ have ?
According to Rankiteo, Aurora Health Care currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Aurora Health Care have SOC 2 Type 1 certification ?
According to Rankiteo, Aurora Health Care is not certified under SOC 2 Type 1.
Does Aurora Health Care have SOC 2 Type 2 certification ?
According to Rankiteo, Aurora Health Care does not hold a SOC 2 Type 2 certification.
Does Aurora Health Care comply with GDPR ?
According to Rankiteo, Aurora Health Care is not listed as GDPR compliant.
Does Aurora Health Care have PCI DSS certification ?
According to Rankiteo, Aurora Health Care does not currently maintain PCI DSS compliance.
Does Aurora Health Care comply with HIPAA ?
According to Rankiteo, Aurora Health Care is not compliant with HIPAA regulations.
Does Aurora Health Care have ISO 27001 certification ?
According to Rankiteo,Aurora Health Care is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Aurora Health Care
Aurora Health Care operates primarily in the Hospitals and Health Care industry.
Number of Employees at Aurora Health Care
Aurora Health Care employs approximately 13,385 people worldwide.
Subsidiaries Owned by Aurora Health Care
Aurora Health Care presently has no subsidiaries across any sectors.
Aurora Health Care’s LinkedIn Followers
Aurora Health Care’s official LinkedIn profile has approximately 68,318 followers.
NAICS Classification of Aurora Health Care
Aurora Health Care is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Aurora Health Care’s Presence on Crunchbase
Yes, Aurora Health Care has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/aurora-zilber-family-hospice.
Aurora Health Care’s Presence on LinkedIn
Yes, Aurora Health Care maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/aurora-health-care.
Cybersecurity Incidents Involving Aurora Health Care
As of November 27, 2025, Rankiteo reports that Aurora Health Care has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Aurora Health Care has an estimated 29,991 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Aurora Health Care ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
Incident Details
Can you provide details on each incident ?
Title: Data Breach at Aurora Medical Center Bay Area
Description: Hackers had stolen personal information from patients at Aurora Medical Center Bay Area through an email phishing scam.
Date Detected: 2023-01-01
Type: Data Breach
Attack Vector: Phishing
Vulnerability Exploited: Email Accounts
Threat Actor: Unknown Hackers
Motivation: Data Theft
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email Phishing.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach AUR1248291222
Data Compromised: Patient’s first and last name, Maiden name, Marital status, Date of birth, Street address, Email address, Phone number, Dates of admission, discharge, or treatment, Social security number, Medical record number, Health insurance account number, Medical device number, Driver's license number, Passport number, Bank account numbers, Full face photograph
Systems Affected: Employee Email Accounts
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Health Information and .
Which entities were affected by each incident ?
Incident : Data Breach AUR1248291222
Entity Name: Aurora Medical Center Bay Area
Entity Type: Hospital
Industry: Healthcare
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach AUR1248291222
Type of Data Compromised: Personal information, Health information
Sensitivity of Data: High
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach AUR1248291222
Entry Point: Email Phishing
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach AUR1248291222
Root Causes: Phishing Attack
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unknown Hackers.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-01-01.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Patient’s first and last name, Maiden name, Marital status, Date of birth, Street address, Email address, Phone number, Dates of admission, discharge, or treatment, Social security number, Medical record number, Health insurance account number, Medical device number, Driver's license number, Passport number, Bank account numbers, Full face photograph and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Medical device number, Patient’s first and last name, Phone number, Bank account numbers, Full face photograph, Social security number, Passport number, Maiden name, Date of birth, Email address, Medical record number, Street address, Driver's license number, Marital status, Dates of admission, discharge, or treatment and Health insurance account number.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Email Phishing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=aurora-health-care' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
